6 th Framework Programme (IST-FP6-2004 004033) A Domain-Specific Metamodel for Reusable Object-Oriented High-Integrity Components Matteo Bordin and Tullio.

Presentation transcript:

6th Framework Programme (IST-FP6-2004 004033)
A Domain-Specific Metamodel for Reusable Object-Oriented High-Integrity Components
Matteo Bordin and Tullio Vardanega, University of Padua, Italy
The 7th OOPSLA Workshop on Domain-Specific Modeling, Montreal, October 21-22, 2007

Contents
1. The domain
2. Model-driven engineering
3. Constrained object-oriented modeling
4. Implementation technologies
5. Conclusions

High-Integrity Systems
Section: The domain
Standards shown: DO-178B, MIL-STD 882B, Def-Stan 0055, DO-178B, MISRA, IEC 880, IEC
Up to 2/3 of development costs on V&V

High-integrity systems: a SW perspective
Section: The domain
Model-driven engineering (MDE)
- Pros: Abstraction, Automation (correctness by construction)
- Cons: Model-to-executable distance (difficult analysis)
Object orientation
- Pros: Adaptive reuse (and encapsulation, information hiding, …)
- Cons: Predictability, costly/complex run-time
[Diagram: axes "Object orientation" and "MDE"; labels: SCADE, Common practice, Our goal, AADL (+ tools), Source-based approaches]

MDE: a key question
Section: Model-Driven Engineering
What determines the design semantics? Where is it fixed?
- The generated software product must be statically analyzable
- Its run-time behavior must be predictable and conform with the analysis
- Static analysis of the software product should be anticipated by model-based analysis
- What "reference universe" informs the metamodel?
  - The target programming language?
  - The target execution platform?
  - An underlying analysis theory?
  - The blue sky above?
- Toward model-based analysis

Closing the gap between model and run-time (I)
Section: Model-Driven Engineering
- Models as blueprints
- To permit model-based analysis (timing, safety, security)
- Bottom-up construction
Ravenscar Profile: Run-time kernel for High-integrity Real-Time Systems
- Warrants static analyzability
- Prescribes run-time semantics
- Identifies run-time metrics
Ravenscar Computational Model: To render language-neutral the semantics of the Ravenscar profile
RCM Metamodel: A high-level language to design systems compliant with Ravenscar restrictions by construction
[Diagram labels: Ada Kernel, JVM; Graphical/declarative language; Higher-level abstraction, same run-time semantics]

Closing the gap between model and run-time (II)
Section: Model-Driven Engineering
- Enable sound/complete model-based analysis
- Models for V&V, not just for design/implementation
[Diagram labels: Ravenscar Profile, Ravenscar Computational Model, RCM Metamodel, PSM (not visible), Analysis Tool, PIM, Platform specification, conformance, Source Code, traceability]

Constrained Object-Oriented Modeling
Section: Object orientation
- Why object-orientation?
  - Adaptive reuse through inheritance and overriding
  - Reuse → decrease verification costs
  - Dispensed with by current industrial practice
- Implementation issues
  - Dead inherited code
  - Larger-sized executables
  - More complex traceability
- Requires dynamic binding
  - No static analysis
  - Far too costly path coverage
Callouts: Advanced compilers address some of these problems (e.g., via ROM-able virtual tables). Main focus of the talk!

Dynamic binding: state-of-the-art?
Section: Object orientation

    void m() {
        // a dynamically bound invocation
        this.ptr.p();
    }

    void m() {
        if (this.ptr instanceof Impl1) {
            // issue a statically bound invocation (not possible in Java)
        }
        // now evaluate all types...
    }

Code transformation (compiler tool) → use code analysis tools
Full code coverage: O(#dispatching_calls ∙ #types)
[Diagram label: ptr …]

The RCM approach: models for V&V
Section: Object orientation
[Diagram: o1 : MyClass, with ptr linked to o2 : Impl3, …]
- Core idea: links fixed at model level
  - Common in the high-integrity domain (HOOD, HRT-HOOD, AADL, etc.)
- Use the dynamic binding mechanism but permit static analysis
  - Execution paths are statically determined
  - Model-based analysis instead of code-based analysis

Object-oriented modeling with RCM
Section: RCM metamodel
Class view: MyClass with ptr
- m1 invokes ptr.p2()
- m2 invokes ptr.p1() and ptr.p2()
- Enforce design-by-contract
Component view: m1, m2, m3, p1, p2
- Determine possible intra-component paths

Object-oriented modeling with RCM (II)
Section: RCM metamodel
Class view: ptr
- m1 invokes ptr.p2()
- m2 invokes ptr.p1() and ptr.p2()
Object view: m : MyClass, i : Impl1
- Dynamic binding!
- Statically determine possible inter-components paths
- Enforce constant links
  - functional dependencies on properties only
  - call setters just once
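
The analysis these RCM slides describe (links fixed in the object view, setters called just once, paths determined statically), sketched as an added example that is not from the original slides or the RCM tooling. The dictionary layout and the names `CLASS_VIEW`, `ObjectView`, `ModelError`, `resolve` and `build_example` are assumptions made here, as is rejecting cyclic paths.

```python
from dataclasses import dataclass, field

# Class view, constructed from the slide: operation -> calls made through a port.
# m3 making no calls is an assumption; the slide lists none for it.
CLASS_VIEW = {
    "MyClass": {"m1": [("ptr", "p2")], "m2": [("ptr", "p1"), ("ptr", "p2")], "m3": []},
    "Impl1": {"p1": [], "p2": []},
}

class ModelError(Exception):
    """The object view breaks a rule that static path analysis relies on."""

@dataclass
class ObjectView:
    types: dict = field(default_factory=dict)  # instance name -> class name
    links: dict = field(default_factory=dict)  # (instance, port) -> instance

    def add(self, name, cls):
        self.types[name] = cls

    def set_link(self, src, port, dst):
        # Constant links: the setter may be called just once per port.
        if (src, port) in self.links:
            raise ModelError(f"{src}.{port} is already bound")
        self.links[(src, port)] = dst

    def resolve(self, inst, op, _active=()):
        """Depth-first list of every operation reached from inst.op."""
        cls = self.types[inst]
        if op not in CLASS_VIEW[cls]:
            raise ModelError(f"{cls} does not provide {op}")
        if (inst, op) in _active:  # assumption of this sketch: reject cycles
            raise ModelError(f"cyclic path through {inst}.{op}")
        path = [f"{inst}:{cls}.{op}"]
        for port, callee in CLASS_VIEW[cls][op]:
            if (inst, port) not in self.links:
                raise ModelError(f"{inst}.{port} is unbound")
            target = self.links[(inst, port)]
            path += self.resolve(target, callee, _active + ((inst, op),))
        return path

def build_example():
    """Object view from the slide: m : MyClass with ptr bound to i : Impl1."""
    view = ObjectView()
    view.add("m", "MyClass")
    view.add("i", "Impl1")
    view.set_link("m", "ptr", "i")
    return view
```

Because each port has exactly one target fixed in the model, every dispatching call resolves to a single callee, and an unbound or rebound port is reported before any code is generated.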

PIM to PSM in RCM
Section: RCM metamodel
PIM Object view (with deployment): m : MyClass, i : Impl1; Node N1, Node N2
PSM Object view (not visible): client task (m), stub, Middleware, skeleton task, server (i), Middleware
Dynamic binding with statically-fixed execution path(s)

Implementation technologies
Section: Implementation
- Eclipse plug-in
  - Metamodeling: EMF
  - Model transformations: ATL, MOFscript
  - GUI: GMF
[Screenshot labels: Class/Object diagram, Deployment diagram]

Results & Conclusions (I)
Section: Results
- Industrial pilot projects by and
  - Due for completion and demonstration by December 2007
  - Targeting real space-qualified hardware
  - With real-life system ambitions and demands!
- Model-based analysis
  - Needs a suitable underlying computational model
  - The same philosophy as adopted by SCADE
  - Fundamental to formally reason on system properties
  - Before implementation
  - Easier and more solid what-if analysis
  - Needs full and accurate modeling of the system
  - Difficult to map the middleware in the PIM-to-PSM transformation
  - Difficult to evaluate sizing requirements
  - Permits to exploit a restricted form of dynamic binding

Results & Conclusions (II)
Section: Results
- MDE-enabled object orientation: a première in space software!
  - Adaptive reuse: software frameworks are a major advantage
  - Predictability: constrained dynamic binding is acceptable
  - Certifiable implementation: requires compiler support
- Work in progress
  - To increase PIM expressive power while preserving RCM compliance
[Diagram: Timed-out RI (declarative spec.); labels: i : Impl1, Client, Sporadic Task (waiting for server reply), Server, Timing event (released by the invocation of the RI), Evaluate the release event (timeout / server reply), Discard undesired release events, Release client when timeout expires]

Questions? Thank you!
Matteo Bordin,

Overall Modeling Process (RCM Modeling)
[Diagram; panels: Functional spec, Non-functional spec; labels: POS (+ Write, + Read), Protected, POS_Component (P : Pos), IComputer (Compute), GNC (+ Compute, + GNC_Op), Passive, Sporadic, GNC_Component (G : GNC)]